8/8/2019 Microsoft Windows Vulnerabilities
Mohga Nabil Mostafa Fathi Samar Hazem Mariam Reyad Soaad Ali Mona Sherif
Shaimaa Mohammed
Shaimaa Hassan Zainab Fayez Sarah Ahmed Samah Gamal Al-hariry

What is a vulnerability?
Types of vulnerability
Windows Vista vulnerabilities.
Windows 7 vulnerabilities.

A weakness which allows an attacker to reduce a system's information assurance.
Also known as attack surface.

Hardware:
Ex: susceptibility to humidity & dust.
Software:
Ex: insufficient testing.
Network:
Ex: unprotected communication lines.
Personnel:
Ex: inadequate security awareness.

Weather Gadget Vulnerability:
- The vulnerability is due to insufficient validation of input that is supplied to the Weather Gadget.
Risks:
An attacker could exploit this vulnerability by convincing a user that has the gadget enabled to follow a malicious link in the Weather Gadget. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the authenticated user.

HTML Component Handling Vulnerability:
Risks:
An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page via Internet Explorer, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same rights as the logged-on user.

IPv6 Memory Corruption Vulnerability:
- The TCP/IP stack in Microsoft Windows Vista SP1 and SP2, and Windows 7 does not properly handle malformed IPv6 packets.
Risks:
An attacker could exploit the vulnerability by sending the target system a small number of specially crafted packets, causing the affected system to stop responding.

Microsoft Silverlight and Microsoft .NET Framework Vulnerability:
Microsoft Silverlight and .NET Framework are prone to a remote code-execution vulnerability because they fail to properly handle interfaces when running .NET applications.
Risks:
- Successful exploits may allow an attacker to execute arbitrary code with the privileges of the currently logged-in user.

Integer Overflow in Windows Networking Vulnerability:
The vulnerability is due to improper handling of data copied from user mode by the Windows TCP/IP stack, resulting in an integer overflow.
Risks:
- An attacker can exploit this vulnerability to gain elevated privileges.

Rootkit vulnerability:
Risks:
- An attacker can exploit the network flow to inject the OS with a rootkit, which gives him full control over the system.

SMB DoS Vulnerability:
Fails to sufficiently validate all fields when parsing specially crafted SMB packets.
Risks:
- A remote attacker could exploit this flaw via a specially crafted network message.
- Denial of service.
- System stops responding until manually restarted.

XP Mode Vulnerability:
Microsoft's Virtual PC which allows an attacker to bypass some of the security safeguards which would normally be in place if the system was running on bare metal.

Blue-Screen Crashes:
Software or device drivers may have a problem.
Installation of new hardware / software.
A hardware device is malfunctioning, or was removed while Windows was running.
Outdated BIOS information can also cause errors.
Update patches.
Corrupted startup files.

Aero vulnerability
Integer Overflow Vulnerability:
Error in parsing information copied from user mode to kernel mode.
Risk:
- Code execution.
- Causes the system to stop responding and restart.

Windows Explorer:
Hides file extensions by default.
The exploit tricks the user into clicking something that appears to be harmless but in reality it is malware that is capable of destroying your hard drive.
Ex: the malware can present itself as "destructive_malware.txt.exe."
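
The hidden-extension behaviour described above can be checked for on the defensive side. The following is an added example, not part of the original slides: it computes the name Explorer would display and flags files whose real extension is executable while the displayed name still ends in a document-like extension. The extension lists and sample file names are constructed, and the code assumes every final extension is a registered type that Explorer would hide.

```python
import ntpath

# Constructed, non-exhaustive sample lists (assumptions, not from the slides).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs"}
DECOY_EXTS = {".txt", ".pdf", ".doc", ".docx", ".jpg", ".png", ".xls"}


def displayed_name(filename: str) -> str:
    """Name as shown when extensions are hidden: only the last one is dropped."""
    stem, _real_ext = ntpath.splitext(ntpath.basename(filename))
    return stem


def is_masquerading(filename: str) -> bool:
    """True if the file is executable but its displayed name looks like a document."""
    stem, real_ext = ntpath.splitext(ntpath.basename(filename))
    _, shown_ext = ntpath.splitext(stem)
    # Windows file names are case-insensitive, so compare in lower case.
    return real_ext.lower() in EXECUTABLE_EXTS and shown_ext.lower() in DECOY_EXTS


def scan(filenames):
    """Return (real name, displayed name) pairs for every suspicious entry."""
    return [(f, displayed_name(f)) for f in filenames if is_masquerading(f)]


# Constructed sample directory listing.
SAMPLE = [
    "destructive_malware.txt.exe",           # the example from the slide
    r"C:\Users\a\Downloads\invoice.PDF.EXE",  # full path, mixed case
    "notes.txt",                              # ordinary document
    "setup.exe",                              # honest executable
    "archive.tar.gz",                         # double extension, not executable
]

if __name__ == "__main__":
    for real, shown in scan(SAMPLE):
        print(f"{real!r} is displayed as {shown!r}")
```
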

Memory attack:
Hackers can gain access to a system's memory, thus taking over Windows 7, through its PCMCIA card.
This means that the CPU and OS were bypassed, unable to prevent malicious DMA requests.

Local privilege escalation
Auto elevation:
UAC still pops up when a third-party program or plug-in wants to make a change to the system, but no longer requires confirmation when working with things built in to the operating system (such as most of the Control Panel applets).
Risk:
- Denial of service attack if a hacker sends a packet containing malicious files during NTLM authentication.

http://threatpost.com/en_us/blogs/microsoft-virtual-pc-flaw-lets-hackers-bypass-windows-defenses-031610
http://www.checkpoint.com/defense/advisories/public/announcement/111709-ms-win7-smb-dos-vulnerability.html
http://www.dslreports.com/forum/r22996742-New-flaw-causes-Blue-Screen-of-Death-on-Vista-Windows-7
http://www.ccscentral.com/ccs-blogs/ccs-retail-systems-daves-blog/613-windows-7-aero-vulnerability